Mavituna Security - Netsparker Vulnerability Scanner
[Advertise With HackThisSite.org]

Hack This Site - Forums Index

Need help finding vulnerabilities

Post a reply

Need help finding vulnerabilities

Post by wallabong on Tue Dec 25, 2012 8:09 am
([msg=71838]see Need help finding vulnerabilities[/msg])

Hey guys,

I've been pushing myself into learning and understanding buffer overflows and now I'm desperately looking for vulnerabilities in a given executable (see file below).

This program listens on a given port when running (./vuln 8888 for port 8888), writes into a log file ("/tmp/vuln.log") and waits for user input. If there is a user input, it prints it onto the shell, writes into the log file something like "%buffer = 0xbffff1d0" and replies with "OK".

After some investigations, I'm sure it is vulnerable to buffer overflows and uses a char * buffer[2000].
In all tutorials, it is usually enough to use a larger input than allowed to crash the program. But I just can't get it crashing.

I hope the solution is not too obvious....

Some help would be much appreciated!

Cheers
wallabong

Linux executable:
*Executable link removed. We don't normally allow this for security reasons. PM a Mod to discuss*
wallabong
New User
New User
 
Posts: 1
Joined: Tue Dec 25, 2012 7:57 am
Blog: View Blog (0)

Re: Need help finding vulnerabilities

Post by centip3de on Fri Dec 28, 2012 1:27 pm
([msg=71873]see Re: Need help finding vulnerabilities[/msg])

wallabong wrote:Hey guys,

I've been pushing myself into learning and understanding buffer overflows and now I'm desperately looking for vulnerabilities in a given executable (see file below).

This program listens on a given port when running (./vuln 8888 for port 8888), writes into a log file ("/tmp/vuln.log") and waits for user input. If there is a user input, it prints it onto the shell, writes into the log file something like "%buffer = 0xbffff1d0" and replies with "OK".

After some investigations, I'm sure it is vulnerable to buffer overflows and uses a char * buffer[2000].
In all tutorials, it is usually enough to use a larger input than allowed to crash the program. But I just can't get it crashing.

I hope the solution is not too obvious....

Some help would be much appreciated!

Cheers
wallabong

Linux executable:
*Executable link removed. We don't normally allow this for security reasons. PM a Mod to discuss*


Just because there is a char array, doesn't mean that there is a buffer overflow -- you need to know how the buffer is used in order to detect that. Do you have access to the source?
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook
User avatar
centip3de
Moderator
Moderator
 
Posts: 1401
Joined: Fri Aug 20, 2010 5:46 pm
Blog: View Blog (0)
Post a reply

Return to C and C++

Who is online

Users browsing this forum: No registered users and 0 guests

Disclaimer :
HackThisSite does not support illegal activities.
The management of this board is not responsible for the content of any external internet sites.
Powered by phpBB © 2000-2009 phpBB Group
Carbon Style By Echo -=Designs By Echo=- © 2007 Echo
Administration Control Panel